Hacking groups are using legitimate cloud offerings such as Amazon Web Services to facilitate malware creation and password cracking, delegates at RSA 2010 were told.
The Russian Business Network (RBN), one of the most powerful and extensive malware and hacking organisations, has been buying time on Amazon's EC2 platform to build malware and attack passwords, according to Ed Skoudis, founder of security consultancy InGuardians.
"Bad guys can use the cloud to improve operations just as we can. The RBN has been using Amazon for the same kind of benefits as the good guys," he said.
"It gives them enormous password hacking tools, and can be used in massive search engine optimisation poisoning attacks."
The RBN, based in northern Russia, is one of the biggest and most professional hacking groups in the world.
The organisation started in the pornography business, but quickly moved to crime and now offers malware-as-a-service and hosting services, and provides credit card data and false identities.
Other security professionals have confirmed the use of mainstream cloud services by the hacking and malware community.
"We use it to number crunch, and so do they," Paul Simmonds, chief information security officer at AstraZeneca, told V3.co.uk.
"After all, one set of numbers is all the same in the end. Cloud gives them the power they need to break passwords efficiently."
Using photocatalysts to convert carbon dioxide into usable energy such as methane or ethane
Trained on curated data from Moorfields Eye Hospital, the neural networks show clinicians how they reached their decisions
Yokohama National University demonstrate technology that could lead to a fault-tolerant universal quantum computer
Top-of-the-range Threadripper 2990WX now available from Scan, Ebuyer, Overclockers, Novatech and Amazon